Another password related bug I have noticed is in onboarding when a user creates a admin user they don't have password restrictions this is another security risk because the user is creating a superlibrarian